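enforce('session', 200);
// NOTE(review): the statement above is reproduced exactly as it appears at the
// start of this excerpt; anything before it (a receiver object, includes,
// response headers) is outside the visible code.

// Opportunistic cleanup of expired refresh tokens on roughly 0.1% of requests.
// The sampling is not a security decision, so rand() is sufficient here.
if (rand(1, 1000) === 1) {
    try {
        JWTAuth::cleanupExpiredTokens();
    } catch (Exception $e) {
        // Cleanup stays best-effort and must never fail the session check, but
        // the failure is recorded so a permanently broken cleanup gets noticed
        // (expired tokens piling up in storage is worth an alert).
        error_log('Refresh token cleanup failed: ' . $e->getMessage());
    }
}

// Only GET and POST are served. The comparison is strict, and a missing
// REQUEST_METHOD (for example under CLI) is treated as "not allowed" instead
// of raising an undefined-index warning.
// The flow below relies on errorResponse()/successResponse() ending the
// request; presumably they exit, confirm in the helpers. If they returned,
// every later branch would run as well.
if (!in_array($_SERVER['REQUEST_METHOD'] ?? '', ['GET', 'POST'], true)) {
    // Message text restored from mis-encoded UTF-8 ("není").
    errorResponse('Metoda není povolena', 405);
}

// Path 1: optionalAuth() returned auth data, so the session is reported as-is
// and no new token is issued (access_token / expires_in stay null).
$authData = JWTAuth::optionalAuth();
if ($authData) {
    // NOTE(review): the whole user array is sent to the client. Verify that
    // optionalAuth() never includes secrets (password hash, TOTP seed, etc.).
    $userData = $authData['user'];
    $userData['permissions'] = JWTAuth::getUserPermissions($authData['user_id']);

    $twoFA = get2FAInfo(db(), $authData['user_id']);
    $userData['totp_enabled'] = $twoFA['totp_enabled'];
    $userData['require_2fa'] = $twoFA['require_2fa'];

    successResponse([
        'authenticated' => true,
        'user' => $userData,
        'access_token' => null,
        'expires_in' => null,
    ]);
}

// Path 2: no usable access token, fall back to the refresh-token cookie.
// Cookies are attacker-controlled input: "refresh_token[]=x" arrives as an
// array, so only a non-empty string is accepted before refreshTokens() runs.
// NOTE(review): this branch hands out a new access token in the response body
// for GET as well as POST. Confirm the refresh_token cookie is set with
// HttpOnly, Secure and SameSite, and that CORS does not permit credentialed
// cross-origin reads of this endpoint.
// NOTE(review): unlike path 1, no 'permissions' key is added to the user here;
// presumably refreshTokens() supplies it or the client re-queries. Confirm.
$refreshToken = $_COOKIE['refresh_token'] ?? null;
if (is_string($refreshToken) && $refreshToken !== '') {
    $result = JWTAuth::refreshTokens();
    if ($result) {
        $twoFA = get2FAInfo(db(), $result['user']['id']);
        $result['user']['totp_enabled'] = $twoFA['totp_enabled'];
        $result['user']['require_2fa'] = $twoFA['require_2fa'];

        successResponse([
            'authenticated' => true,
            'user' => $result['user'],
            'access_token' => $result['access_token'],
            'expires_in' => $result['expires_in'],
        ]);
    }
}

// Path 3: neither an access token nor a refresh token authenticated the caller.
successResponse([
    'authenticated' => false,
    'user' => null,
    'access_token' => null,
    'expires_in' => null,
]);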